bbe024c3d52abcd07d399b5ef33c4aa461f8e7ecf791f74d22d97560e17711e1

Sharing

Copy URL Twitter E-mail

General

Target

bbe024c3d52abcd07d399b5ef33c4aa461f8e7ecf791f74d22d97560e17711e1
Size

228KB
MD5

406bd7adcc003e2bc8f882bb689a22ba
SHA1

eb11a0891863579bc1fb5408a822724bc49d09a4
SHA256

bbe024c3d52abcd07d399b5ef33c4aa461f8e7ecf791f74d22d97560e17711e1
SHA512

b9d0919cdaf565b6fcd7b4f2adc4cbb6feaf747a235e2ca0368ae5f89a071e69f379c3626dc7ba64a09d91c845d2780b2aa275565e8e5018cec2ca1e5f883e0a
SSDEEP

3072:v4mw/In+cnWcc27N91/B2gbDJX+g/jNy8HlDc+pG6:vNw/M+J27NtvfLNy8F4+r

Score

N/A

Malware Config

Signatures

Files

bbe024c3d52abcd07d399b5ef33c4aa461f8e7ecf791f74d22d97560e17711e1
.exe windows x86

c168c7ddcf132f422afa62565107b1d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseFontA
GetSaveFileNameA
GetOpenFileNameA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetValueExA
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegEnumKeyExA
RegFlushKey

comctl32

ImageList_GetIconSize
ImageList_SetIconSize
ImageList_ReplaceIcon
ImageList_Write
ord17
ImageList_Create
ImageList_Destroy
ImageList_GetImageCount
ImageList_Add
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_Draw
ImageList_Replace
ImageList_DrawEx
ImageList_Remove
ImageList_GetIcon
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_Read

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

EncodePointer
SetLastError
PrepareTape
LocalUnlock
GlobalUnWire
DecodePointer
GlobalUnlock
SetSystemTimeAdjustment
GetFileInformationByHandle
GetProcessHandleCount
GetFileTime
GetProcessHeap
SetMessageWaitingIndicator
SetHandleCount
CreateTimerQueue
ConvertThreadToFiber
GetProcessVersion
LocalShrink
GetProcessPriorityBoost
GetCurrentThread
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetCommandLineA
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
GetLastError
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetFileType
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
RtlUnwind
GetLocaleInfoA
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c168c7ddcf132f422afa62565107b1d8

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

advapi32

comctl32

version

kernel32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 95KB - Virtual size: 6.4MB

.rsrc Size: 94KB - Virtual size: 94KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 95KB - Virtual size: 6.4MB

.rsrc
Size: 94KB - Virtual size: 94KB